<?php
	include 'connect.php';
    if (is_numeric($_GET['id'])) {
        $id = $_GET['id'];
        $name = mysql_real_escape_string(htmlspecialchars($_POST['name']));
        $bio = mysql_real_escape_string(htmlspecialchars($_POST['bio']));
        mysql_query("UPDATE profile SET name='$name', bio='$bio' WHERE id='$id'") or die(mysql_error()); 
        echo '<script language=javascript>document.location.href="./../profile.php"</script>';
	}
?>